218 lines
7.3 KiB
Bash
Executable file
218 lines
7.3 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
set -eu
|
|
|
|
COLOR_BLUE="\033[38;2;51;100;255m"
|
|
COLOR_RESET="\033[0m"
|
|
DEPLOY=false
|
|
|
|
# parse flags
|
|
for arg in "$@"; do
|
|
case $arg in
|
|
--deploy)
|
|
DEPLOY=true
|
|
shift
|
|
;;
|
|
esac
|
|
done
|
|
|
|
echo "${COLOR_BLUE}"
|
|
echo "=========================================="
|
|
echo " Setting up coryd.dev locally "
|
|
echo "=========================================="
|
|
echo "${COLOR_RESET}"
|
|
|
|
# determine sed compatibility
|
|
if [[ "$OSTYPE" == "darwin"* ]]; then
|
|
sed_inplace() {
|
|
sed -i '' "$@"
|
|
}
|
|
else
|
|
sed_inplace() {
|
|
sed -i "$@"
|
|
}
|
|
fi
|
|
|
|
# get secrets from 1password
|
|
echo "${COLOR_BLUE}Signing in to 1Password...${COLOR_RESET}"
|
|
eval $(op signin)
|
|
|
|
echo "${COLOR_BLUE}Fetching secrets from 1Password...${COLOR_RESET}"
|
|
SECRETS_JSON='{
|
|
"POSTGREST_URL": "{{ op://Private/coryd.dev secrets/POSTGREST_URL }}",
|
|
"POSTGREST_API_KEY": "{{ op://Private/coryd.dev secrets/POSTGREST_API_KEY }}",
|
|
"MASTODON_ACCESS_TOKEN": "{{ op://Private/coryd.dev secrets/MASTODON_ACCESS_TOKEN }}",
|
|
"MASTODON_SYNDICATION_TOKEN": "{{ op://Private/coryd.dev secrets/MASTODON_SYNDICATION_TOKEN }}",
|
|
"FORWARDEMAIL_API_KEY": "{{ op://Private/coryd.dev secrets/FORWARDEMAIL_API_KEY }}",
|
|
"BOOK_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/BOOK_IMPORT_TOKEN }}",
|
|
"WATCHING_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/WATCHING_IMPORT_TOKEN }}",
|
|
"ARTIST_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/ARTIST_IMPORT_TOKEN }}",
|
|
"TMDB_API_KEY": "{{ op://Private/coryd.dev secrets/TMDB_API_KEY }}",
|
|
"SEASONS_IMPORT_TOKEN": "{{ op://Private/coryd.dev secrets/SEASONS_IMPORT_TOKEN }}",
|
|
"NAVIDROME_SCROBBLE_TOKEN": "{{ op://Private/coryd.dev secrets/NAVIDROME_SCROBBLE_TOKEN }}",
|
|
"NAVIDROME_API_URL": "{{ op://Private/coryd.dev secrets/NAVIDROME_API_URL }}",
|
|
"NAVIDROME_API_TOKEN": "{{ op://Private/coryd.dev secrets/NAVIDROME_API_TOKEN }}",
|
|
"COOLIFY_REBUILD_TOKEN": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_TOKEN }}",
|
|
"COOLIFY_REBUILD_URL": "{{ op://Private/coryd.dev secrets/COOLIFY_REBUILD_URL }}",
|
|
"TOTAL_PLAYS_WEBHOOK": "{{ op://Private/coryd.dev secrets/TOTAL_PLAYS_WEBHOOK }}",
|
|
"SITE_REBUILD_WEBHOOK": "{{ op://Private/coryd.dev secrets/SITE_REBUILD_WEBHOOK }}",
|
|
"DIRECTUS_API_TOKEN": "{{ op://Private/coryd.dev secrets/DIRECTUS_API_TOKEN }}",
|
|
"GIT_REPO": "{{ op://Private/coryd.dev secrets/GIT_REPO }}",
|
|
"SERVER_IP": "{{ op://Private/coryd.dev secrets/SERVER_IP }}"
|
|
}'
|
|
|
|
SECRETS=$(echo "$SECRETS_JSON" | op inject)
|
|
|
|
if echo "$SECRETS" | grep -q '{{'; then
|
|
echo "❌ Error: Unresolved placeholders remain in injected secrets. Check 1Password references." >&2
|
|
exit 1
|
|
fi
|
|
|
|
echo "${COLOR_BLUE}Writing .env file...${COLOR_RESET}"
|
|
echo "$SECRETS" | jq -r 'to_entries | .[] | "\(.key)=\"\(.value | gsub("\""; "\\\""))\""' > .env
|
|
echo >> .env
|
|
|
|
while IFS= read -r line; do
|
|
[[ "$line" =~ ^#.*$ || -z "$line" ]] && continue
|
|
export "${line?}"
|
|
done < .env
|
|
|
|
echo "${COLOR_BLUE}✅ Loaded $(grep -c '^[A-Z0-9_]\+=' .env) secrets into .env${COLOR_RESET}"
|
|
|
|
CLI_DIR="$(dirname "$0")/../cli"
|
|
|
|
echo "${COLOR_BLUE}🗳️ Installing root JS packages...${COLOR_RESET}"
|
|
npm install --loglevel=silent --no-audit --no-fund | grep -v "up to date" || :
|
|
|
|
echo "${COLOR_BLUE}🐺 Initializing Husky Git hooks...${COLOR_RESET}"
|
|
npm run prepare
|
|
|
|
echo "${COLOR_BLUE}📦 Installing PHP packages...${COLOR_RESET}"
|
|
composer install --no-progress --no-interaction 2>&1 | \
|
|
grep -Ev "^(Writing lock file|Generating optimized autoload files|Loading composer|Nothing to modify|Use the \`composer fund\`|No security vulnerability|Installing dependencies from lock file|Package operations|[0-9]+ packages you are using are looking for funding)"
|
|
|
|
echo "${COLOR_BLUE}🗃️ Installing CLI JS packages...${COLOR_RESET}"
|
|
( cd "$CLI_DIR" && npm install --loglevel=silent --no-audit --no-fund | grep -v "up to date" || : )
|
|
|
|
if ! command -v cd_cli >/dev/null 2>&1; then
|
|
echo "${COLOR_BLUE}🔗 Linking CLI globally...${COLOR_RESET}"
|
|
( cd "$CLI_DIR" && npm link )
|
|
fi
|
|
|
|
echo "${COLOR_BLUE}⚙️ Initializing media storage config...${COLOR_RESET}"
|
|
cd_cli init
|
|
|
|
rm -rf generated
|
|
mkdir -p generated
|
|
|
|
# escape sed replacements
|
|
escape_special_chars() {
|
|
printf '%s' "$1" | sed 's/[&/\|]/\\&/g'
|
|
}
|
|
|
|
# replace placeholders in template file
|
|
render_template() {
|
|
local input="$1"
|
|
local output="$2"
|
|
cp "$input" "$output"
|
|
|
|
for key in $(jq -r 'keys_unsorted[]' <<< "$SECRETS"); do
|
|
value=$(jq -r --arg k "$key" '.[$k]' <<< "$SECRETS")
|
|
sed_inplace "s|{{${key}}}|$(escape_special_chars "$value")|g" "$output"
|
|
done
|
|
}
|
|
|
|
# render templates
|
|
for filepath in scripts/templates/*.template; do
|
|
[ -e "$filepath" ] || continue
|
|
filename=$(basename "$filepath" .template)
|
|
output="generated/$filename"
|
|
render_template "$filepath" "$output"
|
|
done
|
|
|
|
echo "${COLOR_BLUE}✅ All configurations generated in the 'generated' folder.${COLOR_RESET}"
|
|
|
|
echo "${COLOR_BLUE}"
|
|
echo "=========================================="
|
|
echo " Setup complete! "
|
|
echo " Your local environment is ready! 💻 "
|
|
echo "=========================================="
|
|
echo "${COLOR_RESET}"
|
|
|
|
if [ "$DEPLOY" = true ]; then
|
|
echo "${COLOR_BLUE}Reading module lists...${COLOR_RESET}"
|
|
|
|
# read lists
|
|
MODULES_LIST="scripts/lists/apache_modules.list"
|
|
PHP_EXTENSIONS_LIST="scripts/lists/php_extensions.list"
|
|
REQUIRED_MODULES=$(tr '\n' ' ' < "$MODULES_LIST" | sed 's/ *$//')
|
|
REQUIRED_PHP_EXTENSIONS=$(tr '\n' ' ' < "$PHP_EXTENSIONS_LIST" | sed 's/ *$//')
|
|
|
|
echo "${COLOR_BLUE}Writing server setup script...${COLOR_RESET}"
|
|
|
|
# generate server setup script
|
|
cat > generated/setup-server.sh <<EOF
|
|
#!/bin/bash
|
|
# This file is generated by setup.sh
|
|
|
|
set -eu
|
|
|
|
echo "🔧 Enabling Apache modules..."
|
|
sudo a2enmod $REQUIRED_MODULES
|
|
sudo systemctl restart apache2
|
|
|
|
echo "🔧 Installing PHP extensions..."
|
|
sudo apt update
|
|
sudo apt install -y $REQUIRED_PHP_EXTENSIONS
|
|
sudo systemctl restart php8.3-fpm
|
|
|
|
echo "🔧 Enabling site..."
|
|
sudo cp generated/coryd.dev.conf /etc/apache2/sites-available/
|
|
sudo a2dissite 000-default.conf || true
|
|
sudo a2ensite coryd.dev.conf
|
|
sudo systemctl reload apache2
|
|
|
|
echo "🔐 Running Certbot to obtain TLS certificates..."
|
|
if ! [ -f /etc/letsencrypt/live/coryd.dev/fullchain.pem ]; then
|
|
sudo certbot --apache -d coryd.dev -d www.coryd.dev
|
|
else
|
|
echo "✅ Certificate already exists, skipping Certbot."
|
|
fi
|
|
|
|
echo "🕒 Installing crontabs..."
|
|
sudo crontab generated/root.cron
|
|
sudo crontab -u www-data generated/www-data.cron
|
|
|
|
echo "✅ All done!"
|
|
EOF
|
|
|
|
chmod +x generated/setup-server.sh
|
|
|
|
echo "${COLOR_BLUE}"
|
|
echo "=========================================="
|
|
echo " Deploy script generated! "
|
|
echo " Ready to configure your server! 🚀 "
|
|
echo "=========================================="
|
|
echo "${COLOR_RESET}"
|
|
|
|
read -p "📡 Enter the remote SSH host (e.g., user@hostname): " SSH_HOST
|
|
|
|
if [[ -n "$SSH_HOST" ]]; then
|
|
echo "${COLOR_BLUE}📤 Copying files to $SSH_HOST...${COLOR_RESET}"
|
|
scp -r generated "$SSH_HOST:~/"
|
|
|
|
echo "${COLOR_BLUE}"
|
|
echo "=========================================="
|
|
echo " ✅ Files copied to server! "
|
|
echo "=========================================="
|
|
echo "${COLOR_RESET}"
|
|
|
|
echo "${COLOR_BLUE}🧑💻 Next steps on the server:${COLOR_RESET}"
|
|
echo " ssh $SSH_HOST"
|
|
echo " sudo su"
|
|
echo " ./generated/setup-server.sh"
|
|
else
|
|
echo "${COLOR_BLUE}⚠️ Skipping SSH deploy. No host provided.${COLOR_RESET}"
|
|
fi
|
|
fi
|
|
echo "${COLOR_RESET}"
|